From 56af637cf24870b4521f88f25e2fb5501dc6d8d2 Mon Sep 17 00:00:00 2001 From: Izorkin Date: Wed, 29 Jun 2022 17:48:44 +0300 Subject: [PATCH] curl: enable HTTP 3 protocol by default --- .../manual/release-notes/rl-2511.section.md | 2 ++ nixos/tests/haproxy.nix | 3 --- nixos/tests/nginx-http3.nix | 1 - nixos/tests/rustls-libssl.nix | 1 - nixos/tests/sing-box.nix | 4 ---- nixos/tests/web-servers/h2o/basic.nix | 4 ---- pkgs/by-name/ht/https-dns-proxy/package.nix | 7 ++----- pkgs/by-name/ng/nghttp3/package.nix | 18 +++++------------- pkgs/development/libraries/ngtcp2/default.nix | 17 ++++------------- pkgs/top-level/all-packages.nix | 5 +---- 10 files changed, 14 insertions(+), 48 deletions(-) diff --git a/nixos/doc/manual/release-notes/rl-2511.section.md b/nixos/doc/manual/release-notes/rl-2511.section.md index c3ea92ca29c8b..171e190ead673 100644 --- a/nixos/doc/manual/release-notes/rl-2511.section.md +++ b/nixos/doc/manual/release-notes/rl-2511.section.md @@ -8,6 +8,8 @@ - Secure boot support can now be enabled for the Limine bootloader through {option}`boot.loader.limine.secureBoot.enable`. Bootloader install script signs the bootloader, then kernels are hashed during system rebuild and written to a config. This allows Limine to boot only the kernels installed through NixOS system. +- Curl is now built with the HTTP/3 protocol enabled by default. + - The default PostgreSQL version for new NixOS installations (i.e. with `system.stateVersion >= 25.11`) is v17. - The NetworkManager module does not ship with a default set of VPN plugins anymore. All required VPN plugins must now be explicitly configured in [`networking.networkmanager.plugins`](#opt-networking.networkmanager.plugins). diff --git a/nixos/tests/haproxy.nix b/nixos/tests/haproxy.nix index bd8b9b288a222..2ee35dda8a95c 100644 --- a/nixos/tests/haproxy.nix +++ b/nixos/tests/haproxy.nix @@ -67,9 +67,6 @@ }; client = { pkgs, ... }: - { - environment.systemPackages = [ pkgs.curlHTTP3 ]; - }; }; testScript = '' # Helpers diff --git a/nixos/tests/nginx-http3.nix b/nixos/tests/nginx-http3.nix index 1c0326d0f0f60..0e80043aa0b4f 100644 --- a/nixos/tests/nginx-http3.nix +++ b/nixos/tests/nginx-http3.nix @@ -66,7 +66,6 @@ builtins.listToAttrs ( client = { pkgs, ... }: { - environment.systemPackages = [ pkgs.curlHTTP3 ]; networking = { interfaces.eth1 = { ipv4.addresses = [ diff --git a/nixos/tests/rustls-libssl.nix b/nixos/tests/rustls-libssl.nix index 165edb76a5d4d..f7be784565c0e 100644 --- a/nixos/tests/rustls-libssl.nix +++ b/nixos/tests/rustls-libssl.nix @@ -64,7 +64,6 @@ in client = { pkgs, ... }: { - environment.systemPackages = [ pkgs.curlHTTP3 ]; networking = { interfaces.eth1 = { ipv4.addresses = [ diff --git a/nixos/tests/sing-box.nix b/nixos/tests/sing-box.nix index 0825684e0bed6..0d80da7a992b8 100644 --- a/nixos/tests/sing-box.nix +++ b/nixos/tests/sing-box.nix @@ -249,7 +249,6 @@ in ]; environment.systemPackages = [ - pkgs.curlHTTP3 pkgs.iproute2 ]; @@ -308,7 +307,6 @@ in ]; environment.systemPackages = [ - pkgs.curlHTTP3 pkgs.iproute2 ]; @@ -369,8 +367,6 @@ in (builtins.readFile ./common/acme/server/ca.cert.pem) ]; - environment.systemPackages = [ pkgs.curlHTTP3 ]; - systemd.services.sing-box.serviceConfig.ExecStartPost = [ "+${tproxyPost}/bin/exe" ]; diff --git a/nixos/tests/web-servers/h2o/basic.nix b/nixos/tests/web-servers/h2o/basic.nix index 52a4b58429e82..1f19d06f16565 100644 --- a/nixos/tests/web-servers/h2o/basic.nix +++ b/nixos/tests/web-servers/h2o/basic.nix @@ -43,10 +43,6 @@ in server = { pkgs, ... }: { - environment.systemPackages = [ - pkgs.curlHTTP3 - ]; - services.h2o = { enable = true; defaultHTTPListenPort = port.HTTP; diff --git a/pkgs/by-name/ht/https-dns-proxy/package.nix b/pkgs/by-name/ht/https-dns-proxy/package.nix index a37168689b581..31a4462f349ef 100644 --- a/pkgs/by-name/ht/https-dns-proxy/package.nix +++ b/pkgs/by-name/ht/https-dns-proxy/package.nix @@ -5,13 +5,10 @@ cmake, gtest, c-ares, - curlHTTP3, + curl, libev, }: -let - curl' = curlHTTP3; -in stdenv.mkDerivation rec { pname = "https-dns-proxy"; # there are no stable releases (yet?) @@ -38,7 +35,7 @@ stdenv.mkDerivation rec { buildInputs = [ c-ares - curl' + curl libev ]; diff --git a/pkgs/by-name/ng/nghttp3/package.nix b/pkgs/by-name/ng/nghttp3/package.nix index b1127feff371f..531c0d2d433c7 100644 --- a/pkgs/by-name/ng/nghttp3/package.nix +++ b/pkgs/by-name/ng/nghttp3/package.nix @@ -1,21 +1,17 @@ { lib, stdenv, - fetchFromGitHub, + fetchurl, cmake, - curlHTTP3, }: stdenv.mkDerivation (finalAttrs: { pname = "nghttp3"; version = "1.11.0"; - src = fetchFromGitHub { - owner = "ngtcp2"; - repo = "nghttp3"; - tag = "v${finalAttrs.version}"; - hash = "sha256-8WQfXzzF3K0IJNectrE1amQ6Njq4pZslrcVun6Uhi6E="; - fetchSubmodules = true; + src = fetchurl { + url = "https://github.com/ngtcp2/nghttp3/releases/download/v${finalAttrs.version}/nghttp3-${finalAttrs.version}.tar.bz2"; + hash = "sha256-AAKlyoVtsFmqbcac9zL7sA2aHnPteISPXUjyYh8gyoo="; }; outputs = [ @@ -32,13 +28,9 @@ stdenv.mkDerivation (finalAttrs: { doCheck = true; - passthru.tests = { - inherit curlHTTP3; - }; - meta = { homepage = "https://github.com/ngtcp2/nghttp3"; - changelog = "https://github.com/ngtcp2/nghttp3/releases/tag/${finalAttrs.src.tag}"; + changelog = "https://github.com/ngtcp2/nghttp3/releases/tag/${finalAttrs.version}"; description = "Implementation of HTTP/3 mapping over QUIC and QPACK in C"; license = lib.licenses.mit; platforms = lib.platforms.unix; diff --git a/pkgs/development/libraries/ngtcp2/default.nix b/pkgs/development/libraries/ngtcp2/default.nix index db366ad7e0a73..d2a93bd2e6c10 100644 --- a/pkgs/development/libraries/ngtcp2/default.nix +++ b/pkgs/development/libraries/ngtcp2/default.nix @@ -1,7 +1,7 @@ { lib, stdenv, - fetchFromGitHub, + fetchurl, cmake, brotli, libev, @@ -9,20 +9,15 @@ quictls, withJemalloc ? false, jemalloc, - curlHTTP3, }: stdenv.mkDerivation (finalAttrs: { pname = "ngtcp2"; version = "1.14.0"; - src = fetchFromGitHub { - owner = "ngtcp2"; - repo = "ngtcp2"; - # must match version usage in meta.changelog - tag = "v${finalAttrs.version}"; - hash = "sha256-5Pmk752i/lgO/os2SegevGN+MKaVuQii2HrVWaR15Gg="; - fetchSubmodules = true; + src = fetchurl { + url = "https://github.com/ngtcp2/ngtcp2/releases/download/v${finalAttrs.version}/ngtcp2-${finalAttrs.version}.tar.bz2"; + hash = "sha256-I+Q2UvVwKzGm53S5ON2XtqAyW8UiyUM4R+bG/BYBvrU="; }; outputs = [ @@ -46,10 +41,6 @@ stdenv.mkDerivation (finalAttrs: { doCheck = true; - passthru.tests = { - inherit curlHTTP3; - }; - meta = { homepage = "https://github.com/ngtcp2/ngtcp2"; changelog = "https://github.com/ngtcp2/ngtcp2/releases/tag/v${finalAttrs.version}"; diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index bd6eb1036e93c..0efc5f4992392 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -2661,15 +2661,12 @@ with pkgs; websocketSupport = true; }; - curlHTTP3 = curl.override { - http3Support = true; - }; - curl = curlMinimal.override ( { idnSupport = true; pslSupport = true; zstdSupport = true; + http3Support = true; } // lib.optionalAttrs (!stdenv.hostPlatform.isStatic) { brotliSupport = true;